aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2020-10-13Merge tag 'selinux-pr-20201012' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds17-498/+1068
2020-10-13Merge tag 'Smack-for-5.10' of git://github.com/cschaufler/smack-nextLinus Torvalds4-149/+200
2020-10-13Merge tag 'tomoyo-pr-20201012' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds1-6/+23
2020-10-13Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-3/+11
2020-10-12Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds3-41/+3
2020-10-12Merge tag 'efi-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-19/+66
2020-10-12tomoyo: Loosen pathname/domainname validation.Tetsuo Handa1-6/+23
2020-10-05Smack: Remove unnecessary variable initializationCasey Schaufler1-1/+1
2020-10-03security/keys: remove compat_keyctl_instantiate_key_iovChristoph Hellwig3-40/+3
2020-10-03iov_iter: transparently handle compat iovecs in import_iovecChristoph Hellwig1-3/+2
2020-09-25integrity: Asymmetric digsig supports SM2-with-SM3 algorithmTianjia Zhang1-3/+11
2020-09-22Smack: Fix build when NETWORK_SECMARK is not setCasey Schaufler1-0/+7
2020-09-16integrity: Load certs from the EFI MOK config tableLenny Szubowicz1-0/+22
2020-09-16integrity: Move import of MokListRT certs to a separate routineLenny Szubowicz1-19/+44
2020-09-15Merge tag 'fixes-v5.9a' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds1-1/+2
2020-09-15selinux: Add helper functions to get and set checkreqprotLakshmi Ramasubramanian3-5/+16
2020-09-11Smack: Use the netlabel cacheCasey Schaufler4-38/+68
2020-09-11Smack: Set socket labels only onceCasey Schaufler2-89/+98
2020-09-11Smack: Consolidate uses of secmark into a functionCasey Schaufler1-28/+33
2020-09-11selinux: access policycaps with READ_ONCE/WRITE_ONCEStephen Smalley2-8/+9
2020-08-31selinux: simplify away security_policydb_len()Ondrej Mosnacek3-30/+10
2020-08-27selinux: move policy mutex to selinux_state, use in lockdep checksStephen Smalley4-43/+22
2020-08-26selinux: fix error handling bugs in security_load_policy()Dan Carpenter1-11/+23
2020-08-25selinux: convert policy read-write lock to RCUStephen Smalley4-218/+280
2020-08-24selinux: delete repeated words in commentsRandy Dunlap1-3/+3
2020-08-23treewide: Use fallthrough pseudo-keywordGustavo A. R. Silva12-38/+30
2020-08-21selinux: add basic filtering for audit trace eventsPeter Enderborg1-13/+15
2020-08-21selinux: add tracepoint on audited eventsThiƩbaud Weksteen1-0/+5
2020-08-21selinux: Create new booleans and class dirs out of treeDaniel Burgener1-23/+90
2020-08-21selinux: Standardize string literal usage for selinuxfs directory namesDaniel Burgener1-4/+6
2020-08-21selinux: Refactor selinuxfs directory populating functionsDaniel Burgener1-20/+25
2020-08-21selinux: Create function for selinuxfs directory cleanupDaniel Burgener1-14/+25
2020-08-20selinux: permit removing security.selinux xattr before policy loadStephen Smalley1-0/+3
2020-08-20device_cgroup: Fix RCU list debugging warningAmol Grover1-1/+2
2020-08-20selinux: fix memdup.cocci warningskernel test robot1-3/+2
2020-08-19selinux: avoid dereferencing the policy prior to initializationStephen Smalley1-0/+60
2020-08-19selinux: fix allocation failure check on newpolicy->sidtabColin Ian King1-1/+1
2020-08-17selinux: refactor changing booleansStephen Smalley8-64/+368
2020-08-17selinux: move policy commit after updating selinuxfsStephen Smalley6-80/+104
2020-08-17selinux: encapsulate policy state, refactor policy loadStephen Smalley2-192/+221
2020-08-17scripts/selinux,selinux: update mdp to enable policy capabilitiesStephen Smalley4-26/+40
2020-08-12Merge branch 'akpm' (patches from Andrew)Linus Torvalds1-1/+1
2020-08-12mm/gup: remove task_struct pointer for all gup codePeter Xu1-1/+1
2020-08-11Merge tag 'for-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris...Linus Torvalds10-10/+10
2020-08-07mm, treewide: rename kzfree() to kfree_sensitive()Waiman Long10-62/+62
2020-08-06Replace HTTP links with HTTPS ones: securityAlexander A. Klimov10-10/+10
2020-08-06Merge tag 'integrity-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds12-140/+283
2020-08-06Merge tag 'Smack-for-5.9' of git://github.com/cschaufler/smack-nextLinus Torvalds1-3/+16
2020-08-04Merge tag 'cap-checkpoint-restore-v5.9' of git://git.kernel.org/pub/scm/linux...Linus Torvalds1-2/+3
2020-08-04Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/eb...Linus Torvalds3-5/+5
2020-08-04Merge tag 'audit-pr-20200803' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds5-55/+49
2020-08-04Merge tag 'selinux-pr-20200803' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds14-161/+240
2020-08-04Merge tag 'var-init-v5.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-4/+25
2020-08-03Merge tag 'for-5.9/block-20200802' of git://git.kernel.dk/linux-blockLinus Torvalds1-0/+1
2020-07-27integrity: remove redundant initialization of variable retColin Ian King1-1/+1
2020-07-27Smack: prevent underflow in smk_set_cipso()Dan Carpenter1-1/+1
2020-07-27Smack: fix another vsscanf out of boundsDan Carpenter1-0/+4
2020-07-21audit: purge audit_log_string from the intra-kernel audit APIRichard Guy Briggs5-55/+44
2020-07-21exec: Implement kernel_execveEric W. Biederman3-5/+5
2020-07-20ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtimeBruno Meneguele2-1/+7
2020-07-20ima: AppArmor satisfies the audit rule requirementsTyler Hicks1-1/+1
2020-07-20ima: Rename internal filter rule functionsTyler Hicks2-25/+21
2020-07-20ima: Support additional conditionals in the KEXEC_CMDLINE hook functionTyler Hicks7-22/+28
2020-07-20ima: Use the common function to detect LSM conditionals in a ruleTyler Hicks1-9/+2
2020-07-20ima: Move comprehensive rule validation checks out of the token parserTyler Hicks3-46/+37
2020-07-20ima: Use correct type for the args_p member of ima_rule_entry.lsm elementsTyler Hicks1-9/+9
2020-07-20ima: Shallow copy the args_p member of ima_rule_entry.lsm elementsTyler Hicks1-10/+8
2020-07-20ima: Fail rule parsing when appraise_flag=blacklist is unsupportableTyler Hicks1-1/+14
2020-07-19capabilities: Introduce CAP_CHECKPOINT_RESTOREAdrian Reber1-2/+3
2020-07-16ima: Fail rule parsing when the KEY_CHECK hook is combined with an invalid condTyler Hicks1-0/+7
2020-07-16ima: Fail rule parsing when the KEXEC_CMDLINE hook is combined with an invali...Tyler Hicks1-0/+21
2020-07-16ima: Fail rule parsing when buffer hook functions have an invalid actionTyler Hicks1-2/+38
2020-07-16ima: Free the entire rule if it fails to parseTyler Hicks1-1/+2
2020-07-16ima: Free the entire rule when deleting a list of rulesTyler Hicks1-5/+24
2020-07-16ima: Have the LSM free its audit ruleTyler Hicks2-1/+6
2020-07-16IMA: Add audit log for failure conditionsLakshmi Ramasubramanian4-22/+51
2020-07-16integrity: Add errno field in audit messageLakshmi Ramasubramanian2-1/+23
2020-07-14Smack: fix use-after-free in smk_write_relabel_self()Eric Biggers1-2/+11
2020-07-09selinux: complete the inlining of hashtab functionsOndrej Mosnacek2-59/+63
2020-07-09selinux: prepare for inlining of hashtab functionsOndrej Mosnacek7-63/+110
2020-07-08selinux: specialize symtab insert and search functionsOndrej Mosnacek7-56/+69
2020-07-08audit: issue CWD record to accompany LSM_AUDIT_DATA_* recordsRichard Guy Briggs1-0/+5
2020-07-08selinux: Fix spelling mistakes in the commentslihao3-3/+3
2020-07-08integrity/ima: switch to using __kernel_readChristoph Hellwig1-13/+1
2020-06-30Merge tag 'fixes-v5.8-rc3-a' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-1/+16
2020-06-29selinux: fixed a checkpatch warning with the sizeof macroEthan Edwards1-2/+2
2020-06-24ima: extend boot_aggregate with kernel measurementsMaurizio Drocco2-2/+15
2020-06-24block: move block-related definitions out of fs.hChristoph Hellwig1-0/+1
2020-06-23selinux: log error messages on required process class / permissionsStephen Smalley1-5/+15
2020-06-23selinux: allow reading labels before policy is loadedJonathan Lebon1-1/+6
2020-06-23security: Fix hook iteration and default value for inode_copy_up_xattrKP Singh1-1/+16
2020-06-21Merge tag 'selinux-pr-20200621' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-13/+12
2020-06-17selinux: fix undefined return of cond_evaluate_exprTom Rix1-0/+3
2020-06-16selinux: fix a double free in cond_read_node()/cond_read_list()Tom Rix1-13/+5
2020-06-16security: allow using Clang's zero initialization for stack variablesglider@google.com1-4/+25
2020-06-15ima: Replace zero-length array with flexible-arrayGustavo A. R. Silva1-2/+2
2020-06-14Merge tag 'LSM-add-setgid-hook-5.8-author-fix' of git://github.com/micah-mort...Linus Torvalds1-0/+6
2020-06-14security: Add LSM hooks to set*gid syscallsThomas Cedeno1-0/+6
2020-06-13Merge tag 'kbuild-v5.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ma...Linus Torvalds1-3/+3
2020-06-14treewide: replace '---help---' in Kconfig files with 'help'Masahiro Yamada1-3/+3
2020-06-13Merge tag 'notifications-20200601' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds13-87/+407
2020-06-12Merge tag 'integrity-v5.8-fix' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-1/+2
2020-06-12ima: fix mprotect checkingMimi Zohar1-1/+2
2020-06-10selinux: fix double freeTom Rix1-0/+4
2020-06-09Merge tag 'ovl-update-5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/m...Linus Torvalds1-0/+1
2020-06-09Merge tag 'linux-kselftest-kunit-5.8-rc1' of git://git.kernel.org/pub/scm/lin...Linus Torvalds1-1/+2
2020-06-09mmap locking API: convert mmap_sem commentsMichel Lespinasse1-1/+1
2020-06-07Merge tag 'apparmor-pr-2020-06-07' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds11-119/+185
2020-06-07ima: Remove __init annotation from ima_pcrread()Roberto Sassu1-1/+1
2020-06-07apparmor: Fix memory leak of profile proxyJohn Johansen3-6/+9
2020-06-07apparmor: fix introspection of of task mode for unconfined tasksJohn Johansen1-2/+2
2020-06-07apparmor: check/put label on apparmor_sk_clone_security()Mauricio Faria de Oliveira1-0/+5
2020-06-06Merge tag 'integrity-v5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds12-87/+390
2020-06-05ima: Directly free *entry in ima_alloc_init_template() if digests is NULLRoberto Sassu1-2/+3
2020-06-04Merge branch 'akpm' (patches from Andrew)Linus Torvalds2-22/+5
2020-06-04mm: add kvfree_sensitive() for freeing sensitive data objectsWaiman Long2-22/+5
2020-06-04Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/eb...Linus Torvalds8-40/+32
2020-06-04Merge branch 'proc-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/eb...Linus Torvalds1-1/+3
2020-06-04Merge tag 'Smack-for-5.8' of git://github.com/cschaufler/smack-nextLinus Torvalds3-43/+21
2020-06-04Merge tag 'keys-next-20200602' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds2-209/+52
2020-06-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-nextLinus Torvalds4-5/+5
2020-06-03ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()Roberto Sassu4-5/+24
2020-06-03ima: Directly assign the ima_default_policy pointer to ima_rulesRoberto Sassu1-2/+1
2020-06-03ovl: call secutiry hook in ovl_real_ioctl()Miklos Szeredi1-0/+1
2020-06-02Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-1/+1
2020-06-02Merge tag 'selinux-pr-20200601' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds19-326/+499
2020-06-02Merge tag 'tomoyo-pr-20200601' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds1-1/+1
2020-06-02keys: Implement update for the big_key typeDavid Howells1-1/+18
2020-06-02security/keys: rewrite big_key crypto to use library interfaceJason A. Donenfeld2-209/+35
2020-06-01Merge branch 'uaccess.access_ok' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds1-2/+0
2020-06-01security: apparmor: default KUNIT_* fragments to KUNIT_ALL_TESTSAnders Roxell1-1/+2
2020-06-01Merge tag 'perf-core-2020-06-01' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds1-2/+2
2020-06-01Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-15/+3
2020-05-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netDavid S. Miller3-4/+18
2020-05-29exec: Compute file based creds only onceEric W. Biederman2-13/+15
2020-05-29exec: Add a per bprm->file version of per_clearEric W. Biederman1-1/+1
2020-05-29tomoyo_write_control(): get rid of pointless access_ok()Al Viro1-2/+0
2020-05-28Merge tag 'v5.7-rc7' into perf/core, to pick up fixesIngo Molnar11-66/+105
2020-05-27Merge commit a4ae32c71fe9 ("exec: Always set cap_ambient in cap_bprm_set_creds")Eric W. Biederman1-0/+1
2020-05-27Merge branch 'for-5.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2-4/+17
2020-05-27Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/eb...Linus Torvalds1-0/+1
2020-05-26exec: Always set cap_ambient in cap_bprm_set_credsEric W. Biederman1-0/+1
2020-05-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netDavid S. Miller9-40/+59
2020-05-23Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netLinus Torvalds1-2/+14
2020-05-22ima: verify mprotect change is consistent with mmap policyMimi Zohar2-1/+57
2020-05-21apparmor: Fix use-after-free in aa_audit_rule_initNavid Emamdoost1-1/+2
2020-05-21apparmor: Fix aa_label refcnt leak in policy_updateXiyu Yang1-1/+2
2020-05-21apparmor: fix potential label refcnt leak in aa_change_profileXiyu Yang1-2/+1
2020-05-21exec: Convert security_bprm_set_creds into security_bprm_repopulate_credsEric W. Biederman2-7/+6
2020-05-20security: Fix hook iteration for secid_to_secctxKP Singh1-2/+14
2020-05-20exec: Factor security_bprm_creds_for_exec out of security_bprm_set_credsEric W. Biederman7-27/+18
2020-05-19smack: Implement the watch_key and post_notification hooksDavid Howells1-1/+82
2020-05-19selinux: Implement the watch_key security hookDavid Howells1-0/+14
2020-05-19keys: Make the KEY_NEED_* perms an enum rather than a maskDavid Howells7-59/+114
2020-05-19watch_queue: Add a key/keyring notification facilityDavid Howells8-27/+181
2020-05-19security: Add hooks to rule on setting a watchDavid Howells1-0/+7
2020-05-19security: Add a hook for the point of notification insertionDavid Howells1-0/+9
2020-05-19proc: proc_pid_ns takes super_block as an argumentAlexey Gladkov1-1/+1
2020-05-18Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/l...Linus Torvalds5-34/+40
2020-05-15apparmor: Use true and false for bool variableZou Wei2-33/+33
2020-05-15security/apparmor/label.c: Clean code by removing redundant instructionsMateusz Nosek1-6/+0
2020-05-15apparmor: Replace zero-length array with flexible-arrayGustavo A. R. Silva1-1/+1
2020-05-15bpf, capability: Introduce CAP_BPFAlexei Starovoitov1-2/+2
2020-05-14Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextDavid S. Miller1-2/+2
2020-05-14evm: Fix a small race in init_desc()Dan Carpenter1-22/+22
2020-05-14lockdown: Allow unprivileged users to see lockdown statusJeremy Cline1-1/+1
2020-05-12selinux: netlabel: Remove unused inline functionYueHaibing1-6/+0
2020-05-12tomoyo: use true for bool variableZou Wei1-1/+1
2020-05-11Smack: Remove unused inline function smk_ad_setfield_u_fs_path_mntYueHaibing1-4/+0
2020-05-08KEYS: encrypted: use crypto_shash_tfm_digest()Eric Biggers1-15/+3
2020-05-07evm: Fix possible memory leak in evm_calc_hmac_or_hash()Roberto Sassu1-1/+1
2020-05-07ima: Set again build_ima_appraise variableKrzysztof Struczynski1-2/+8
2020-05-07ima: Remove redundant policy rule set in add_rules()Krzysztof Struczynski1-4/+1
2020-05-07ima: Fix ima digest hash table key calculationKrzysztof Struczynski1-3/+4
2020-05-07evm: Fix RCU list related warningsMadhuparna Bhowmik3-4/+11
2020-05-07ima: Fix return value of ima_write_policy()Roberto Sassu1-2/+1
2020-05-07evm: Check also if *tfm is an error pointer in init_desc()Roberto Sassu1-1/+1
2020-05-07ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()Roberto Sassu1-6/+6
2020-05-06Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netDavid S. Miller2-26/+46
2020-05-06Merge tag 'perf-for-bpf-2020-05-06' of git://git.kernel.org/pub/scm/linux/ker...Alexei Starovoitov1-2/+2
2020-05-06Smack:- Remove redundant inode_smack cacheCasey Schaufler1-8/+1
2020-05-06Smack:- Remove mutex lock "smk_lock" from inode_smackCasey Schaufler2-7/+2
2020-05-06Smack: slab-out-of-bounds in vsscanfCasey Schaufler1-0/+10
2020-05-06smack: remove redundant structure variable from header.Maninder Singh1-1/+0
2020-05-06smack: avoid unused 'sip' variable warningArnd Bergmann2-23/+8
2020-05-01selinux: do not allocate hashtabs dynamicallyOndrej Mosnacek8-146/+116
2020-05-01selinux: fix return value on error in policydb_read()Ondrej Mosnacek1-0/+1
2020-05-01selinux: simplify range_write()Ondrej Mosnacek1-16/+2
2020-05-01selinux: fix error return code in policydb_read()Wei Yongjun1-0/+1
2020-04-30Merge tag 'selinux-pr-20200430' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-26/+46
2020-04-30selinux: properly handle multiple messages in selinux_netlink_send()Paul Moore1-25/+45
2020-04-28Merge branch 'work.sysctl' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/...Daniel Borkmann3-3/+3
2020-04-27selinux: fix error return code in cond_read_list()Wei Yongjun1-1/+1
2020-04-27sysctl: pass kernel pointers to ->proc_handlerChristoph Hellwig3-3/+3
2020-04-24Use proc_pid_ns() to get pid_namespace from the proc superblockAlexey Gladkov1-1/+3
2020-04-22selinux: don't produce incorrect filename_trans_countOndrej Mosnacek2-9/+5
2020-04-22Merge tag 'perf-core-for-mingo-5.8-20200420' of git://git.kernel.org/pub/scm/...Ingo Molnar1-2/+2
2020-04-19ima: Use ima_hash_algo for collision detection in the measurement listRoberto Sassu3-5/+23
2020-04-19ima: Calculate and extend PCR with digests in ima_template_entryRoberto Sassu3-15/+58
2020-04-19ima: Allocate and initialize tfm for each PCR bankRoberto Sassu1-26/+119
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 19:10:06 +0000